Here you have the best ISC CISSP practice exam questions
Physical assets defined in an organization's business impact analysis (BIA) could include which of the following?
Physical assets are tangible resources necessary for the operation of a business. Supplies kept off-site at a remote facility fit this definition because they are tangible items that could be necessary for business continuity or recovery in case of a disruption. Personal belongings of staff members, disaster recovery line-item revenues, and cloud-based applications are not considered physical assets within a business impact analysis.
When assessing the audit capability of an application, which of the following activities is MOST important?
When assessing the audit capability of an application, the most important activity is to determine if audit records contain sufficient information. This is because the primary purpose of an audit is to create a detailed record of activities that can be useful in identifying and investigating suspicious or inappropriate activities. Without sufficient information in the audit records, it would be impossible to effectively review and analyze the activities logged, rendering the audit capability ineffective regardless of other factors such as storage capacity or procedures for investigating suspicious activity.
An organization would like to implement an authorization mechanism that would simplify the assignment of various system access permissions for many users with similar job responsibilities. Which type of authorization mechanism would be the BEST choice for the organization to implement?
Role-based access control (RBAC) is the best choice for an organization looking to simplify the assignment of system access permissions for many users with similar job responsibilities. RBAC assigns permissions based on roles rather than on an individual basis. This means that users with similar job functions can be grouped under the same role, and the corresponding permissions are assigned to that role. This approach streamlines the management of access controls, making it easier to grant and revoke permissions as users change roles within the organization.
What is the PRIMARY reason for criminal law being difficult to enforce when dealing with cybercrime?
Jurisdiction is hard to define. Cybercrime frequently spans multiple geographic regions and legal jurisdictions, which makes it challenging to determine which law enforcement agency has the authority to act. Different countries have varying laws and regulations regarding cybercrime, complicating the process of investigation and prosecution. This issue of jurisdictional ambiguity is the primary barrier to effectively enforcing criminal law in the realm of cybercrime.
Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?
Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using the Extensible Authentication Protocol (EAP). EAP is an authentication framework frequently used in wireless networks and point-to-point connections. It supports multiple authentication methods, such as token cards, Kerberos, and certificate-based systems, thereby enhancing security in WPA2 implementations.